7 Groups

Unlike a ``user'', a ``group'' is a container. In other words, a ``group'' can identify any number (including zero!) of users. This makes groups very useful for security purposes.

Let us consider an example. Let's say an instructor teaches two classes. Within each class, the files of each student should be accessible by the owner only. However, the instructor also wants to set up certain files that are accessible to each class. Furthermore, class-specific files cannot be accessed from another class.

Without groups, we need to resort to encryption to ensure that only students of a class has access to the content of world-accessible files. Without groups, however, we can do the following instead.

A group can be set up for each class. For our example, we'll use the groups cisn120 and cisn121. Then, we can set up class specific files with the proper group ownership. This is done by the chown command. Then, we change the permissions so that group access (at least read and execute) is permitted. This is done by the chmod command.